UPSC Articles
CYBER SECURITY
TOPIC:General Studies 3:
- Awareness in the fields of IT, Space, Computers, robotics, nano-technology, bio-technology and issues relating to intellectual property rights.
- Challenges to internal security through communication networks
Data privacy law : California’s new privacy law — the California Consumer Privacy Act (CCPA) (Part-1)
Context:
California’s new privacy law — the California Consumer Privacy Act (CCPA) — is first-of-its-kind data legislation went into effect recently.
Need :
- Data are increasingly commodified by technology conglomerates
California’s new privacy law gives right to users:
- Users have the right to see what personal information businesses collect about them, and the purpose and process of the collection. Personal information refers to any information that can be linked back to the user.
- User can request and view what inferences the businesses make about them,
- User have the right to see details about their personal information being sold or given to a third party.
- Users can make businesses delete their personal information, and opt out of having their data sold to third parties.
- Users can get a copy of the collected personal information for free.
- Parents have to give permission to companies before the companies can sell the data of their children under the age of 13 to third parties.
Why Right to ask for deletion?
- The more a company knows about you, the more power it has to shape your daily life.
- Such as showing you a shoe ad, to selecting your job, your housing, or helping to shape what candidate you support in an election.
Exceptions:
- The law lays out some exceptions, such as information necessary for completing transactions, providing a service, protecting consumer security, and protecting freedom of speech.
Affects of this law:
- Many firms are finding it easier to make the legal changes for all users rather than trying to distinguish users from California. Microsoft will roll out changes for all Americans, and Mozilla (which owns the Firefox browser) will make changes for all their users.
- The European Union’s General Data Protection Regulation (GDPR) too, shifted the entire Internet economy, not just that of the EU
Criticisms:
- The Act gives users the right to stop the selling of their data, but not the collection of their data.
- It does not do much to affect companies like Facebook and Google that make most of their money by collecting the data, not by selling it. Advertisers pay Facebook to target ads to users based off that data; they don’t pay Facebook for the data itself.
- The act places the burden of navigating this complex economy on users.
- Many of the provisions are vaguely worded — leaving concepts such as “third-party sharing” or “selling” up to interpretation.
Conclusion:
- Users get right to access the data, the right to ask for its deletion, and the right to prevent its sale to third parties. Because of the global nature of the Internet, these changes will affect users worldwide.
Connecting the dots:
- What are the challenges regarding data protection and how can they be addressed?
- Do you think Data protection is one of the key elements for a robust cyber policy?